aboutsummaryrefslogtreecommitdiffstats
path: root/ipc/msg.c
diff options
context:
space:
mode:
Diffstat (limited to 'ipc/msg.c')
-rw-r--r--ipc/msg.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/ipc/msg.c b/ipc/msg.c
index 950572f9d796..fede1d06ef30 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -820,15 +820,17 @@ long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp,
820 struct msg_msg *copy = NULL; 820 struct msg_msg *copy = NULL;
821 unsigned long copy_number = 0; 821 unsigned long copy_number = 0;
822 822
823 ns = current->nsproxy->ipc_ns;
824
823 if (msqid < 0 || (long) bufsz < 0) 825 if (msqid < 0 || (long) bufsz < 0)
824 return -EINVAL; 826 return -EINVAL;
825 if (msgflg & MSG_COPY) { 827 if (msgflg & MSG_COPY) {
826 copy = prepare_copy(buf, bufsz, msgflg, &msgtyp, &copy_number); 828 copy = prepare_copy(buf, min_t(size_t, bufsz, ns->msg_ctlmax),
829 msgflg, &msgtyp, &copy_number);
827 if (IS_ERR(copy)) 830 if (IS_ERR(copy))
828 return PTR_ERR(copy); 831 return PTR_ERR(copy);
829 } 832 }
830 mode = convert_mode(&msgtyp, msgflg); 833 mode = convert_mode(&msgtyp, msgflg);
831 ns = current->nsproxy->ipc_ns;
832 834
833 msq = msg_lock_check(ns, msqid); 835 msq = msg_lock_check(ns, msqid);
834 if (IS_ERR(msq)) { 836 if (IS_ERR(msq)) {
@@ -870,6 +872,7 @@ long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp,
870 goto out_unlock; 872 goto out_unlock;
871 break; 873 break;
872 } 874 }
875 msg = ERR_PTR(-EAGAIN);
873 } else 876 } else
874 break; 877 break;
875 msg_counter++; 878 msg_counter++;
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-25 21:31:36 -0400